# Report 2022-06  

## News

 - [Tim Hortons app violated privacy laws in collection of ‘vast amounts’ of sensitive location data](https://priv.gc.ca/en/opc-news/news-and-announcements/2022/nr-c_220601/)
 - [Norway to Track All Supermarket Purchases](https://www.lifeinnorway.net/norway-to-track-all-supermarket-purchases)
 - [ICE Searched LexisNexis Database Over 1 Million Times in Just Seven Months](https://theintercept.com/2022/06/09/ice-lexisnexis-mass-surveillances)
 - [You agreed to what? Doctor check-in software harvests your health data](https://www.washingtonpost.com/technology/2022/06/13/health-privacy)
 - [Bluetooth signals can be used to identify and track smartphones](https://jacobsschool.ucsd.edu/news/release/3461)
 - [Kmart and Bunnings Are Tracking Customers With Facial Recognition](https://www.vice.com/en/article/3adz89/kmart-and-bunnings-are-tracking-customers-with-facial-recognition)
 - [Facebook Is Receiving Sensitive Medical Information from Hospital Websites](https://themarkup.org/pixel-hunt/2022/06/16/facebook-is-receiving-sensitive-medical-information-from-hospital-websites)
 - [Leaked Audio From 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed From China](https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access)
 - [Italy Data Protection Authority Warns Websites Against Use of Google Analytics](https://thehackernews.com/2022/06/italy-data-protection-authority-warns.html)
 - [The #1 Period Tracker on the App Store Will Hand Over Data Without a Warrant](https://www.vice.com/en/article/y3pgvg/the-1-period-tracker-on-the-app-store-will-hand-over-data-without-a-warrant)
 - [T-Mobile has started selling your app data to advertisers](https://www.androidpolice.com/t-mobile-has-started-selling-your-app-data-to-advertisers/)

## Data Breaches

 - [Shields Health Care Group data breach affects 2 million patients](https://www.bleepingcomputer.com/news/security/shields-health-care-group-data-breach-affects-2-million-patients)
 - [Turkish flight operator Pegasus Airlines suffers data breach](https://portswigger.net/daily-swig/turkish-flight-operator-pegasus-airlines-suffers-data-breach)
 - [Kaiser Permanente data breach exposed healthcare records of 70,000 patients](https://portswigger.net/daily-swig/kaiser-permanente-data-breach-exposed-healthcare-records-of-70-000-patients)
 - [The hangover: Japan city admits data lost after night out ](https://www.thestar.com.my/tech/tech-news/2022/06/23/the-hangover-japan-city-admits-data-lost-after-night-out)
 - [Data breach at US ambulance billing service Comstar exposed patients’ healthcare information](https://portswigger.net/daily-swig/data-breach-at-us-ambulance-billing-service-comstar-exposed-patients-healthcare-information)
 - [California DOJ data breach exposes personal information of all concealed carry permit holders across state](https://www.nbcnews.com/news/us-news/california-doj-data-breach-exposes-personal-information-concealed-carr-rcna35849)
 - [Hot Tub Crime Machine: Jacuzzi Smart Tubs Left Personal Info Exposed](https://gizmodo.com/jacuzzi-smart-tubs-expose-user-data-research-1849093671)
 - [NFT marketplace OpenSea warns of data breach that could lead to phishing attacks](https://grahamcluley.com/nft-marketplace-opensea-warns-of-data-breach-that-could-lead-to-phishing-attacks)

## Paper/Report

 - [Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices](https://cseweb.ucsd.edu/~schulman/docs/oakland22-bletracking.pdf)
